FedRAMP Governance New Post | June 4, 2024
FedRAMP Moderate Readiness Assessment Report (RAR) Template Updated Document | May 31, 2024
FedRAMP High Readiness Assessment Report (RAR) Template Updated Document | May 31, 2024
FedRAMP Package Access Request Form New Document | April 30, 2024
SAR Appendix A - FedRAMP Risk Exposure Table (RET) Template New Document | March 29, 2024
Updated Document | March 29, 2024
A New Roadmap for FedRAMP New Post | March 28, 2024
RFQ for GRC Solution Released New Post | March 15, 2024
Penetration Test Guidance Public Comment Period New Post | March 4, 2024
FedRAMP Continuous Monitoring Deliverables Template New Document | March 4, 2024
Annual Assessment Controls Selection Worksheet New Document | March 4, 2024
Rev. 5 - Additional Documents Released New Post | February 16, 2024
SSP Appendix A - Moderate FedRAMP Security Controls New Document | February 15, 2024
SSP Appendix A - High FedRAMP Security Controls New Document | February 15, 2024
FedRAMP Vulnerability Deviation Request Form New Document | February 15, 2024
FedRAMP Rev. 4 to Rev. 5 Assessment Controls Selection Template New Document | February 15, 2024
Vulnerability Scanning Requirements New Document | February 15, 2024
CSP Authorization Playbook New Document | February 15, 2024
Annual Assessment Guidance New Document | February 15, 2024
Agency Authorization Playbook New Document | February 15, 2024
Supplemental Direction v2 - CISA Emergency Directive 24-01 New Post | February 12, 2024
Supplemental Direction v1 - CISA Emergency Directive 24-01 New Post | February 1, 2024
FedRAMP's Emerging Technology Prioritization Framework - Overview and Request for Comment New Post | January 26, 2024
CISA Emergency Directive 24-01 New Post | January 19, 2024
Modernization - Automating FedRAMP's Technology New Post | January 17, 2024
FedRAMP Modernization Overview New Post | December 14, 2023
Extended Comment Period on Draft FedRAMP Memo New Post | November 30, 2023
FedRAMP Repository - USDA Connect Update New Post | November 13, 2023
FedRAMP Policy Memo Public Engagement Forum with OMB New Post | November 3, 2023
FedRAMP's Role In The AI Executive Order New Post | October 31, 2023
OMB FedRAMP Memo New Post | October 27, 2023
FedRAMP High, Moderate, Low, LI-SaaS Baseline System Security Plan (SSP) Updated Document | October 13, 2023
FedRAMP Repository - Next Steps New Post | September 21, 2023
A2LA Updates the R311 New Post | September 19, 2023
Rev. 5 - Additional Documents Released New Post | August 30, 2023
SSP Appendix A - Low FedRAMP Security Controls New Document | August 30, 2023
SSP Appendix A - LI-SaaS FedRAMP Security Controls New Document | August 30, 2023
FedRAMP General Document Acceptance Criteria New Document | August 30, 2023
FedRAMP Collaborative ConMon Quick Guide New Document | August 30, 2023
Continuous Monitoring Performance Management Guide New Document | August 30, 2023
New 3PAO Training - Obligations and Performance Standards New Post | August 1, 2023
CSPs Prioritized to Work with the JAB New Post | July 25, 2023
3PAO Assessment Teams Must Be Qualified New Post | July 20, 2023
FedRAMP Guidance for M-21-31 and M-22-09 New Post | July 14, 2023
The Rev. 5 Approach to SC-8, and Protecting Data-in-Transit New Post | July 13, 2023
SSP Appendix J - CIS and CRM Workbook New Document | July 13, 2023
Rev. 5 - Additional Documents Released New Post | June 30, 2023
SSP Appendix Q - Cryptographic Modules Table New Document | June 30, 2023
SSP Appendix M - Integrated Inventory Workbook Template Updated Document | June 30, 2023
SSP Appendix G - Information System Contingency Plan (ISCP) Template New Document | June 30, 2023
SSP Appendix F - Rules of Behavior (RoB) Template New Document | June 30, 2023
SAP Appendix A - FedRAMP Moderate Security Test Case Procedures Template New Document | June 30, 2023
SAP Appendix A - FedRAMP Low Security Test Case Procedures Template New Document | June 30, 2023
SAP Appendix A - FedRAMP High Security Test Case Procedures Template New Document | June 30, 2023
FedRAMP Security Assessment Report (SAR) Template New Document | June 30, 2023
FedRAMP Security Assessment Plan (SAP) Template New Document | June 30, 2023
FedRAMP Laws, Regulations, Standards and Guidance Reference New Document | June 30, 2023
FedRAMP Initial Authorization Package Checklist Updated Document | June 30, 2023
3PAO Readiness Assessment Report Guide New Document | June 30, 2023
Looking Ahead - FedRAMP PMO Communications Regarding Rev. 5 New Post | June 28, 2023
FedRAMP Marketplace Upgrade New Post | June 20, 2023
FedRAMP Guidance on BOD 23-02 New Post | June 16, 2023
Updated Rev. 5 OSCAL Profiles and Resolved Profile Catalogs Have Been Released New Post | June 15, 2023
Rev. 5 Baselines Have Been Approved and Released! New Post | May 30, 2023
FedRAMP Security Controls Baseline Updated Document | May 30, 2023
GSA Releases FedRAMP’s 2023 Customer Survey New Post | May 19, 2023
GSA Administrator Appoints Members to the Federal Secure Cloud Advisory Committee New Post | May 12, 2023
FedRAMP Authorizations Hit 300 Milestone New Post | April 26, 2023
Updated FedRAMP 3PAO Obligations and Performance Standards Document New Post | April 6, 2023
3PAO Obligations and Performance Guide Updated Document | April 6, 2023
CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date New Post | February 7, 2023
Call for Federal Secure Cloud Advisory Committee Nominations New Post | January 25, 2023
FedRAMP FY22 Annual Survey Recap New Post | January 17, 2023
FedRAMP Announces the Passing of the FedRAMP Authorization Act! New Post | January 11, 2023
Status of Crypto Modules in Historical Status New Post | December 22, 2022
Engaging with FedRAMP - PART 3, The SAR Debrief New Post | November 29, 2022
Engaging with FedRAMP - PART 2, The Kickoff Meeting New Post | November 16, 2022
Engaging with FedRAMP - PART 1, The Intake Process New Post | November 9, 2022
A Look Back at Fiscal Year 2022 New Post | October 27, 2022
CSP Prioritized to Work with the JAB and Next FedRAMP Connect Due Date New Post | October 25, 2022
FedRAMP Agency Liaisons New Post | September 22, 2022
FedRAMP Announces Public Comment Period for Authorization Boundary Guidance New Post | September 14, 2022
FedRAMP Releases Updated Brand Guide New Post | September 1, 2022
Branding Guidance New Document | September 1, 2022
FedRAMP Launches OSCAL Developer Data Bites Series New Post | August 18, 2022
FedRAMP Releases the FY22 Annual Survey New Post | August 10, 2022
Reusing Authorizations for Cloud Products Quick Guide New Document | July 26, 2022
PMO Releases Subnetting White Paper New Post | July 19, 2022
Penetration Test Guidance Updates New Post | July 5, 2022
Penetration Test Guidance Updated Document | June 30, 2022
Update to the Plan of Actions and Milestones Template New Post | June 28, 2022
CISA Releases Updated Cloud Security Technical Reference Architecture New Post | June 23, 2022
Subnets White Paper New Document | June 21, 2022
CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date New Post | June 1, 2022
FedRAMP Receives First OSCAL System Security Plan New Post | May 19, 2022
FedRAMP Rev. 5 Transition Update New Post | April 27, 2022
Responsibilities of CSPs and 3PAOs for FedRAMP Annual Assessment New Post | March 16, 2022
FedRAMP BOD 22-01 Guidance New Post | March 8, 2022
FedRAMP Prepares for 'Zero Trust' Stance New Post | March 2, 2022
FedRAMP Updates the Threat-Based Methodology to Authorizations New Post | February 15, 2022
Threat-Based Risk Profiling Methodology White Paper New Document | February 15, 2022
FedRAMP FY21 Annual Survey Recap New Post | January 27, 2022
FedRAMP Connect Business Case Deadline Extended New Post | January 19, 2022
FedRAMP Releases Updated CSP Authorization Playbook New Post | January 18, 2022
Readiness Assessment Report (RAR) Templates and Guide Updates for 3PAOs New Post | January 4, 2022
FedRAMP Publishes Draft Rev. 5 Baselines New Post | December 21, 2021
FedRAMP Turns 10! New Post | December 8, 2021
A2LA Updates the R346 Regarding Remote Baltimore Cyber Range Assessments New Post | December 7, 2021
Unique Vulnerability Counts with Container Scanning New Post | December 2, 2021
Updated Document | November 23, 2021
A Look Back at Fiscal Year 2021 New Post | November 9, 2021
CSPs Prioritized to Work with the JAB and the Next FedRAMP Connect Due Date New Post | November 2, 2021
FedRAMP Releases Updated Marketplace Designations Document for CSPs New Post | October 28, 2021
FedRAMP Releases Updated Agency Authorization Playbook New Post | October 20, 2021
The Importance of ATO Letter Submission New Post | September 22, 2021
FedRAMP Updates CSP SSP (200A) Training New Post | August 24, 2021
FedRAMP Releases OSCAL Validations New Post | August 12, 2021
FedRAMP Releases the FY21 Annual Survey! New Post | August 10, 2021
New Post | July 20, 2021
Requesting Public Comment on FedRAMP Authorization Boundary Guidance New Post | July 14, 2021
FedRAMP Authorization Boundary Guidance Updated Document | July 13, 2021
A2LA Updates the R311 New Post | June 30, 2021
FedRAMP Announces NIST’s OSCAL 1.0.0 Release New Post | June 8, 2021
An Update to FedRAMP’s Low, Moderate, and High Baseline SA-4 Controls and IR-3 High Baseline New Post | May 20, 2021
Remote Testing of Datacenters New Post | May 11, 2021
Rev5 Transition Update New Post | May 6, 2021
FedRAMP Connect Business Case Deadline Extended New Post | April 27, 2021
Release of FedRAMP Incident Communications Procedures New Post | April 15, 2021
Incident Communications Procedures Updated Document | April 15, 2021
FedRAMP Agency Authorization Review Report Sample Template Updated Document | April 7, 2021
JAB Guidance on CentOS Linux End of Life New Post | March 30, 2021
FedRAMP Launches YouTube Channel New Post | March 24, 2021
Vulnerability Scanning Requirements for Containers New Post | March 16, 2021
Vulnerability Scanning Requirements for Containers New Document | March 16, 2021
The New FedRAMP.gov New Post | February 16, 2021
FedRAMP Explores a Threat-Based Methodology to Authorizations New Post | February 10, 2021
CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date New Post | January 27, 2021
Timeliness and Accuracy of Testing Requirements New Document | December 11, 2020
FedRAMP Hosts a 3PAO Interact Week New Post | December 1, 2020
FedRAMP’s NIST Rev5 Transition Plan New Post | November 24, 2020
CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date New Post | October 9, 2020
FedRAMP Reaches 200 Authorizations New Post | September 17, 2020
Updated 3PAO Obligations and Performance Standards document New Post | September 1, 2020
Additional FedRAMP OSCAL Resources and Templates New Post | August 20, 2020
Requesting Public Comment on Vulnerability Scanning Requirements for the Deployment and Use of Containers New Post | August 14, 2020
Updated Control Implementation Summary (CIS) and Customer Responsibility Matrix (CRM) Templates New Post | August 6, 2020
Please Take the FY20 FedRAMP Annual Survey! New Post | August 5, 2020
An Update to FedRAMP’s High Baseline SA-9(5) Control New Post | July 31, 2020
FedRAMP Announces Document and Template Updates New Post | July 23, 2020
FedRAMP Announces Agency Liaison Program New Post | June 24, 2020
Using the FedRAMP OSCAL Resources and Templates New Post | June 10, 2020
Do Once, Use Many - How Agencies Can Reuse a FedRAMP Authorization New Post | May 7, 2020
JAB Prioritized CSPs and FedRAMP Connect Updates New Post | March 26, 2020
JAB Prioritization Criteria and Guidance New Document | March 26, 2020
FedRAMP Lessons Learned for Small Businesses New Post | February 26, 2020
FedRAMP Looks Back on a Successful FY2019 New Post | February 21, 2020
FedRAMP Moves to Automate the Authorization Process New Post | December 17, 2019
Seeking Public Comments on the Draft Customer Implementation Summary (CIS) and Customer Responsibility Matrix (CRM) Templates New Post | December 12, 2019
New Post | October 15, 2019
FedRAMP Connect Results and Next Round of Connect Open Until September 13th New Post | September 10, 2019
New Post | September 4, 2019
Please Take the FY19 FedRAMP Annual Survey! New Post | August 27, 2019
FedRAMP Launches Ideation Challenge New Post | July 24, 2019
FedRAMP Marketplace Guidance Released New Post | June 20, 2019
FedRAMP ATO Letter Template New Document | June 20, 2019
Get to Know FedRAMP's Program Manager of Security Operations New Post | May 30, 2019
Meet FedRAMP's Customer Success Manager New Post | May 8, 2019
Best Practices for Multi-Agency Continuous Monitoring New Post | May 1, 2019
Reviewing the SAR - Best Practices for 3PAOs, Agencies, and Cloud Service Providers New Post | March 7, 2019
FedRAMP Updates 3PAO Requirements New Post | November 6, 2018
FedRAMP Significant Change Form Template New Document | August 28, 2018
FedRAMP New Cloud Service Offering (CSO) or Feature Onboarding Request Template New Document | August 28, 2018
Significant Change Policies and Procedures New Document | August 28, 2018
Joint Authorization Board Charter New Document | July 13, 2018
Annual Assessment Guidance New Post | April 26, 2018
Continuous Monitoring Strategy Guide New Document | April 4, 2018
FedRAMP Accelerated: A Case Study for Change Within Government New Document | March 29, 2018
Guide for Determining Eligibility and Requirements for the Use of Sampling for Vulnerability Scans New Document | March 20, 2018
Automated Vulnerability Risk Adjustment Framework Guidance New Document | March 20, 2018
Continuous Monitoring Monthly Executive Summary Template New Document | January 31, 2018
Impact of FedRAMP for Small Businesses New Post | January 25, 2018
Understanding Baselines and Impact Levels in FedRAMP New Post | November 16, 2017
CSP JAB P-ATO Roles and Responsibilities New Document | May 18, 2017
FedRAMP Policy Memo New Document | December 8, 2011